On Sep 24, 2008, at 11:40 AM, Aaron Evans wrote:
Thanks for the response David.
Is it possible to get the Subject within other portlet applications
(besides the jetspeed application)?
We create the Subject in the Security Valve. So what you could do is
get it via the requestContext.getSubject() method in your own valve,
placed after the security valve in the pipeline.
Are the SSOPortlets intended to be deployed under the jetspeed
context?
no
I would prefer to extend the SSOPortlets and deploy them in another
app.
Getting the Subject on the request in another app is also possible.
Just get the request context from your request object such as in a JSP
<%@ page import="org.apache.jetspeed.request.RequestContext"%>
<c_rt:set var="requestContext" value="<
%=request.getAttribute(RequestContext.REQUEST_PORTALENV)%>"/>
<c:set var="mySubject" value="${requestContext.subject}"/>
If I can't get at the Subject in another app, I suppose I could always
extend the UserManagerImpl and have it stuff the password in the
user's preferences in the getUser method.
In fact, maybe that's the easiest way to go?
Well, I would consider stuffing in the SSO store
